senior-prompt-engineer

Warn

Audited by Snyk on Mar 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's documentation and code explicitly describe and require web retrieval and use of retrieved contexts — e.g., the Tool Use / Function Calling pattern and "search_web" tool in references/agentic_system_design.md, the SKILL.md / Tools Overview and agent config examples (scripts/agent_orchestrator.py) listing a web_search tool, and the RAG workflows (rag_evaluator.py and SKILL.md) that ingest retrieved contexts — meaning untrusted public web content would be read and used to drive agent actions and decisions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 19, 2026, 05:53 AM
Issues: 1